Report: Employees call MCCCD servers 'high risk' in complaint to District in 2012

Employees call MCCCD servers 'high risk' in complaint to District in 2012.

KNXV

Courtesy Maricopa County Community Colleged District

Copyright 2013 Scripps Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

PHOENIX - The ABC15 Investigators are finally getting our hands on documents employees say prove that the Maricopa County Community College District was warned before 2013 that a security breach was imminent.

Dated October 24, 2012, the employee grievance seems to warn MCCDD officials that personal information could be exposed. Almost six months later, hackers were able to compromise District web servers putting nearly 2.5 million people's personal information at risk.

The grievance was filed by several District employees in the ITS department, which manages district technology.

One of the employees, Miguel Corzo, talked to us in February. He says the grievance was just one of many attempts to make District management aware of a dire situation.

"We received very little feedback. There was no action taken for sure," said Corzo.

The ABC15 Investigators requested the grievance and information about a previous security breach in 2011.

It's important, because the District has blamed several employees saying they "withheld information and obstructed investigation into the 2011 security incident which effectively deprived MCCCD of knowledge of security vulnerabilities," and that their actions 2013 data security incident.

But the document alleges that a report was delivered to management in the spring of 2012. It pointed out "several risks and deficiencies in the organization." And that compromised web servers "represented a high risk that could expose personal information." That report also states none of the District ITS employees' recommendations were resolved.

The ABC15 Investigators are still waiting for other documents requested months ago.

But the District says they can't be released now for a number of reasons. Including that if that information is made public, it could risk another security issue.

Copyright 2014 Scripps Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.